Microgrid operation is becoming heavily reliant on microprocessor-based controllers and communication networks, making it prone to cyber-attacks. The decentralized nature of microgrids, including both energy production (distributed energy resources) and energy consumption (loads) entities, makes information exchange a challenge for proper control operations. To address this issue, a hierarchical control architecture of microgrids has traditionally been used. As seen in FIG. 1, the hierarchical control architecture divides the control operations of a microgrid into three levels depending on the latency and information update time requirements. In the lower level, primary control applications, such as droop and local control, require fast responses in the ranges of milliseconds to microseconds. In the middle level, secondary control applications, such as automatic generation control, require a response time in seconds. The upper layer has a much more relaxed response speed in the minutes to hours range for applications such as energy management and demand response.    To properly implement this control architecture and to manage the exchange of information within and between all three layers in an orderly fashion, a link to industrial standards with interoperable data and protocols is necessary. The IEC 61850 standard has been the most widely industry accepted standard that provides a comprehensive data modelling and organization method that unifies data structure definitions across equipment from different manufacturers. Recently, IEC 61850 has been used for microgrid control applications. The standard is well fit for decentralized and distributed control architectures because it abstracts the definition of the service and data items to be independent from the underlying protocols. The abstracted data items and services can thus be mapped into any other communication protocol. IEC 61850 maps the data to three different protocols based on the application: the Manufacturing Message Specification (MMS) protocol, which is used for control and automation functions, and the Generic Object-Oriented Substation Event (GOOSE) and Sampled Measured Values (SMV) protocols, which are used for real-time operations.
In decentralized industrial control networks, controllers acquire data about the surrounding environment through sensor readings and then issue control commands to actuators accordingly. The IEC 61850 standard stipulations have introduced an intuitive method to make sensor measurements simultaneously available to all controllers in a microgrid network by introducing the concept of the process bus. As shown in FIG. 2, this is done by splitting the input/output of control agents and their control logic and placing a communication bus between them.
Although the process bus has introduced a lot of advantages, such as reduced copper wiring and ensuring availability of measurement data, it brought along cyber threats. According to IEC 61850-9-2, the maximum end-to-end time delay allowed for SMV messages is 4 ms. This tight limitation on message transmission time makes it nearly impossible to encrypt SMV packets especially with the low processing power of publishing MUs and receiving IEDs. In fact, even latest processor technologies fall short in applying message encryption and authentication techniques within the required 4 ms. This fact is further asserted by IEC 62351-6 security standard, which covers the cyber security of SMV messages. The standard relieves time-critical SMV messages from the burden of being encrypted. Therefore, in the event of a network breach, using techniques such as password cracking, backdoors, and malwares, manipulating digital measurement data is an easy task. By similar talking, several methodologies on spoofing measurements of sensor can also be shown on other industrial protocols.